Hi all,
I have a problem when using JSON Authentication with Password Encoding.
I used both CAS versions 5.3.2 and 5.3.3, and the config I used is below:
Properties:
cas.authn.json.location=file:/path_xx/users-SHA-256.json
#cas.authn.json.name=
cas.authn.json.passwordEncoder.type=DEFAULT
cas.authn.json.passwordEncoder.encodingAlgorithm=SHA-256
cas.authn.json.passwordEncoder.characterEncoding=UTF-8
JSON file:
{
  "@class" : "java.util.LinkedHashMap",
  "admin" : {
    "@class" : "org.apereo.cas.adaptors.generic.CasUserAccount",
    "password" : "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918",
    "attributes" : {
      "@class" : "java.util.LinkedHashMap",
      "kkkkkk" : "vvvvvvv"
    },
    "status" : "OK",
    "expirationDate" : "2019-12-31"
  }
}
Log:
2018-09-12 21:29:49,399 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the character encoding algorithm to update the digest>
2018-09-12 21:29:49,402 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via algorithm [SHA-256] and character-encoding [UTF-8] is [8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918]>
2018-09-12 21:29:49,430 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Using [UTF-8] as the character encoding algorithm to update the digest>
2018-09-12 21:29:49,431 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Encoded password via algorithm [SHA-256] and character-encoding [UTF-8] is [998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb]>
2018-09-12 21:29:49,431 DEBUG [org.apereo.cas.util.crypto.DefaultPasswordEncoder] - <Provided password does not match the encoded password>
Problem:
According to the debug info, CAS encodes the password twice, and the second encoding is wrong. I don't understand how it is produced.
I used 'admin' as the password, whose SHA-256 encoding is 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918.
But CAS considers the second encoding, i.e., 998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb (when I use this encoding it works).
Thank you in advance for your help :)
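
Added example, not part of the original post and not CAS code: a small offline check that tests whether the second digest in the log can be reproduced from the first one, which is what a double application of the encoder would look like. The candidate derivations and all function names are assumptions chosen for the test; only the password and the two digests come from the post.

```python
import hashlib

# Values copied from the post: the password, the stored digest, and the
# second digest that DefaultPasswordEncoder logged.
PASSWORD = "admin"
FIRST = "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
SECOND = "998ed4d621742d0c2d85ed84173db569afa194d4597686cae947324aa58ab4bb"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def candidates(password: str, first_hex: str) -> dict:
    """Hypothetical derivations of a second digest (assumptions, not CAS code)."""
    return {
        "sha256(lowercase hex of first digest)": sha256_hex(first_hex.lower().encode("utf-8")),
        "sha256(uppercase hex of first digest)": sha256_hex(first_hex.upper().encode("utf-8")),
        "sha256(raw bytes of first digest)": sha256_hex(bytes.fromhex(first_hex)),
        "sha256(password + newline)": sha256_hex((password + "\n").encode("utf-8")),
        "sha256(password as UTF-16LE)": sha256_hex(password.encode("utf-16-le")),
    }


def explain(password: str, first_hex: str, second_hex: str) -> list:
    """Return the label of every hypothesis that reproduces second_hex."""
    # Sanity check: the first digest must be SHA-256 of the UTF-8 password.
    if sha256_hex(password.encode("utf-8")) != first_hex.lower():
        raise ValueError("first digest is not SHA-256 of the UTF-8 password")
    return [label for label, digest in candidates(password, first_hex).items()
            if digest == second_hex.lower()]


if __name__ == "__main__":
    hits = explain(PASSWORD, FIRST, SECOND)
    print(hits if hits else "no listed hypothesis reproduces the second digest")
```

A hit on one of the "first digest" hypotheses would mean the encoder ran on an already-encoded value rather than on the typed password; an empty result means none of the listed derivations applies.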